From 059c27a4f0517bcb101f930e78665bdee0d43413 Mon Sep 17 00:00:00 2001
From: Kevin Day <Kevin@kevux.org>
Date: Sat, 26 Jul 2025 16:16:40 -0500
Subject: [PATCH] Security: Invalid write in controller_entry_read() due to
 missing allocation.

The `entry->items` must be increased when the `at` variable is increased.
---
 sources/c/program/controller/main/entry.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/sources/c/program/controller/main/entry.c b/sources/c/program/controller/main/entry.c
index 9cf731c..07941ca 100644
--- a/sources/c/program/controller/main/entry.c
+++ b/sources/c/program/controller/main/entry.c
@@ -186,9 +186,26 @@ extern "C" {
             continue;
           }
           else if (entry->items.used) {
+            state.status = f_memory_array_increase(at, sizeof(controller_entry_item_t), (void **) &entry->items.array, &entry->items.used, &entry->items.size);
+
+            if (F_status_is_error(state.status)) {
+              controller_print_error_entry(&main->program.error, is_entry, F_status_set_fine(state.status), macro_controller_f(f_memory_array_increase_by), F_true);
+
+              break;
+            }
+
             at = entry->items.used++;
           }
           else {
+            if (entry->items.size < 2) {
+              state.status = f_memory_array_resize(2, sizeof(controller_entry_item_t), (void **) &entry->items.array, &entry->items.used, &entry->items.size);
+
+              if (F_status_is_error(state.status)) {
+                controller_print_error_entry(&main->program.error, is_entry, F_status_set_fine(state.status), macro_controller_f(f_memory_array_resize), F_true);
+
+                break;
+              }
+            }
 
             // Skip position 0, which is reserved for "main".
             entry->items.array[0].name.used = 0;
-- 
1.8.3.1